The New York Department of Financial Services (NYDFS) issued its Cybersecurity Regulation to require cybersecurity practices for financial institutions’ customer information and IT systems. These rules apply to financial institutions doing business in New York and that are regulated by NYDFS, with exceptions for small businesses. Organizations that are not compliant may face revocation of licensure, consent orders, or civil penalties ranging from $2,500 to $75,000 per day. Below, learn more about NYDFS and how Rapid7 can help you achieve compliance goals.
Maintain a cybersecurity program to protect information systems
Conduct regular security risk assessments
Implement safeguards and policies based on risks
Detect and respond to cybersecurity events
Monitor and test the cybersecurity program
Ensure security of applications
Train and oversee personnel and service providers
Learn how to tackle 9 key NYDFS cybersecurity requirements. Rapid7 can help you maintain a holistic, robust, and risk-based security program designed to safeguard sensitive customer financial data.